Description
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate_image() function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete path prefix check using os.path.startswith() without a trailing separator. Attackers can supply crafted markdown image references in user-controlled page descriptions that resolve to sibling directories whose names share the uploads folder prefix, bypassing the directory confinement check and causing the application to read files from unintended locations via PIL Image.open().
Published: 2026-06-01
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A path traversal flaw in the generate_image() function of the AI service backend in Banana Slides through 0.4.0 lets an attacker place crafted markdown image references in a user-controlled page description so that the application reads image files from outside the intended uploads directory. The root cause is an incomplete confinement check: the resolved path is compared with os.path.startswith() against the uploads directory without a trailing separator, so any sibling directory whose name merely begins with the uploads folder name (for example a directory named uploads-backup next to uploads) passes the check and the file is opened with PIL Image.open(). The reachable files are limited to such prefix-sharing sibling directories and to content that PIL can parse as an image, but no authentication is required, so any image stored there can be disclosed to an unauthenticated attacker.

Affected Systems

The vulnerability affects Anionex Banana Slides versions through 0.4.0. The fix is commit e8bc490; builds that include that commit are not affected.

Risk and Exploitability

The CVSS v4.0 base score of 8.7 (v3.1: 7.5) rates the vulnerability as high severity; both vectors record a network-reachable, low-complexity attack with no privileges or user interaction and a high confidentiality impact only, with no integrity or availability impact. No EPSS data is available, and the vulnerability is not listed in the CISA KEV catalog. An attacker only needs to submit a page description containing a crafted image reference; the backend resolves the path, applies the faulty prefix check, and passes the file to PIL Image.open(), so the attack is straightforward and requires no additional privileges. The practical limits are that the target must sit in a sibling directory sharing the uploads prefix and must parse as an image, since Image.open() raises an error on other content.

Generated by OpenCVE AI on June 1, 2026 at 21:23 UTC.

Remediation

No vendor advisory or workaround is listed on this page; the description identifies commit e8bc490 as the fix.

OpenCVE Recommended Actions

  • Update Banana Slides to a build that includes the fix commit e8bc490
  • Fix the confinement check rather than the prefix string alone: resolve the candidate path (os.path.realpath) and verify that the uploads root is a common ancestor (os.path.commonpath); if startswith() is retained, compare the resolved path against the uploads directory with a trailing separator appended, never the raw joined string, which still passes '..' components
  • Restrict file reading to allowed image types inside the uploads directory using an allow list, and validate markdown image references taken from user-controlled page descriptions before resolving them to filesystem paths
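The following Python is an added illustration, not code from Banana Slides or from commit e8bc490. It puts the incomplete prefix check described in the Impact section beside the trailing-separator variant from the second recommendation above and beside a realpath/commonpath check, and runs constructed markdown image references through all three. The uploads root /app/uploads, the function names, the minimal markdown parser and the sample description are assumptions made for the example; the project's actual parsing code and helper names are not given on this page.

```python
"""Directory-confinement checks for user-supplied image paths.

Added illustration for this CVE page, not code from Banana Slides or from
commit e8bc490. UPLOADS_DIR, the function names, the markdown parser and the
sample description are constructed for the example.
"""
import os
import re

# Constructed sample uploads root; the project's real path is not given on the page.
UPLOADS_DIR = "/app/uploads"

# Constructed minimal parser for markdown image references of the form ![alt](target).
IMAGE_REF = re.compile(r"!\[[^\]]*\]\(([^)\s]+)\)")


def image_targets(markdown):
    """Return the target of every markdown image reference in the text."""
    return IMAGE_REF.findall(markdown)


def resolve_candidate(target, uploads_dir=UPLOADS_DIR):
    """Join the user-supplied target onto the uploads root with no normalisation.

    os.path.join() discards uploads_dir when target is absolute and keeps '..'
    components as written; both behaviours matter for the checks below.
    """
    return os.path.join(uploads_dir, target)


def confined_vulnerable(path, uploads_dir=UPLOADS_DIR):
    """The incomplete pattern this CVE describes: a prefix match with no trailing
    separator, so '/app/uploads-backup/x.png' passes for root '/app/uploads'."""
    return os.path.abspath(path).startswith(uploads_dir)


def confined_separator_only(path, uploads_dir=UPLOADS_DIR):
    """Appending os.sep closes the sibling-directory hole, but applied to the
    un-normalised joined string it still accepts '/app/uploads/../private/x.png'."""
    return path.startswith(uploads_dir.rstrip(os.sep) + os.sep)


def confined_hardened(path, uploads_dir=UPLOADS_DIR):
    """Resolve both sides (collapses '..', follows symlinks that exist), then
    require the uploads root to be a common ancestor. commonpath() compares
    whole path components, so 'uploads-backup' never matches 'uploads'."""
    root = os.path.realpath(uploads_dir)
    real = os.path.realpath(path)
    try:
        return os.path.commonpath([root, real]) == root
    except ValueError:  # mixed absolute/relative input or different drives
        return False


# Constructed page description: one legitimate reference, one aimed at a sibling
# directory that shares the 'uploads' prefix, one plain '..' traversal.
SAMPLE_DESCRIPTION = (
    "Quarterly numbers ![chart](chart.png) "
    "![sibling](/app/uploads-backup/2025/export.png) "
    "![traversal](../private/keys.png)"
)


def evaluate(description, uploads_dir=UPLOADS_DIR):
    """Map each referenced path to the verdict of every check. True means the
    path would be handed on to the image loader (PIL Image.open() in the
    vulnerable code path); only the hardened check rejects both attacks."""
    verdicts = {}
    for target in image_targets(description):
        path = resolve_candidate(target, uploads_dir)
        verdicts[path] = {
            "vulnerable": confined_vulnerable(path, uploads_dir),
            "separator_only": confined_separator_only(path, uploads_dir),
            "hardened": confined_hardened(path, uploads_dir),
        }
    return verdicts


if __name__ == "__main__":
    for path, result in evaluate(SAMPLE_DESCRIPTION).items():
        print(path, result)
```

Running the script shows the two failure modes side by side: the prefix-only check admits the uploads-backup sibling and the separator-only check admits the '..' traversal when it inspects the raw joined string, while the commonpath check rejects both and accepts the legitimate chart.png.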

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 20:30:00 +0000

Type | Values Removed | Values Added
Description | | Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate_image() function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete path prefix check using os.path.startswith() without a trailing separator. Attackers can supply crafted markdown image references in user-controlled page descriptions that resolve to sibling directories whose names share the uploads folder prefix, bypassing the directory confinement check and causing the application to read files from unintended locations via PIL Image.open().
Title | | Banana Slides 0.4.0 Path Traversal via generate_image() in ai_service.py
Weaknesses | | CWE-22
References | |
Metrics | | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}
 | | cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-01T19:09:51.443Z

Reserved: 2026-05-27T17:40:12.738Z

Link: CVE-2026-49136

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-01T21:16:46.627

Modified: 2026-06-01T21:16:46.627

Link: CVE-2026-49136

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-01T21:30:26Z

Weaknesses